package com.isoft.common.security;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import com.isoft.domain.SysRole;
import com.isoft.domain.SysUser;
import com.isoft.service.SysRoleService;
import com.isoft.service.SysUserService;

public class SysUserRealm extends AuthorizingRealm{
    @Resource
    private SysUserService sysUserService;
    @Resource
    private SysRoleService sysRoleService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String currentLoginName = (String)principals.getPrimaryPrincipal();
        List<String> SysUserSysRoles = new ArrayList<String>();  
        List<String> SysUserPermissions = new ArrayList<String>();  
        //从数据库中获取当前登录用户的详细信息  
        SysUser SysUser = sysUserService.findByUserName(currentLoginName);
        if(null != SysUser){  
            //获取当前用户下所有ACL权限列表  待续。。。
            //获取当前用户下拥有的所有角色列表
            List<SysRole> SysRoles = sysRoleService.findBySysUserId(SysUser.getSysUserId());
            for (int i = 0; i < SysRoles.size(); i++) {
                SysUserSysRoles.add(SysRoles.get(i).getSysRoleName());
            }
        }else{  
            throw new AuthorizationException();  
        }  
         System.out.println("#######获取角色："+SysUserSysRoles);
         System.out.println("#######获取权限："+SysUserPermissions);
        //为当前用户设置角色和权限  
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRoles(SysUserSysRoles);
        authorizationInfo.addStringPermissions(SysUserPermissions); 
        return authorizationInfo;
    }

    /** 
     * 验证当前登录的Subject
     * LoginController.login()方法中执行Subject.login()时 执行此方法 
     */ 
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken authcToken) throws AuthenticationException {
        System.out.println("###【开始认证[SessionId]】"+SecurityUtils.getSubject().getSession().getId());
        String loginName = (String)authcToken.getPrincipal();
        SysUser SysUser = sysUserService.findByUserName(loginName);
        if(SysUser == null) {
            throw new UnknownAccountException();//没找到帐号
        }
        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                SysUser.getSysUserName(), //用户名
                SysUser.getSysUserPwd(), //密码
                //ByteSource.Util.bytes(SysUser.getCredentialsSalt()),//salt=SysUsername+salt,采用明文访问时，不需要此句
                getName()  //realm name
        );
        return authenticationInfo;
    }
}
